Address indexing and worms

[techguru100]

Here is a question that I have wanting an answer for quite
a while:
(The following may not be useful for this operating
system, but a user may import applications mentioned below
from other versions of Windows or Windows NT...)
For example, if a user stores his email addresses and
contacts (address book style) in a Cardfile file (.CRD)
(using the Cardfile application from Windows 3.1 or NT
3.51), is it possible for worms to email all addresses in
Cardfile files if Cardfile is used for address filing? (it
can't be used in any email client or web browser, the user
must copy and paste email addresses stored in card files.)

 

[Rick]

What's the particular question?

Virus/worm writers tweak their malware to ferret out the usual locations
email addresses are stored. Since Cardfile is an old application from the
Win 3.1 days it is highly unlikely that the virus writer would program his
or her worm to look for email addresses in files with CRD extensions.
Malware needs to be small in size and that added functionality does not
bring added sucesses (from the bad guys viewpoint). He or she needs to keep
the malware trim.

That said, there are worms that spyder-crawl the files on your hard disk
looking for email addresses to harvest. The Netsky worm is an example. It
looks into files with the following extensions .adb,.asp .dbx.doc .eml
..htm.html .msg .oft .php .pl .rtf .sht .tbb .txt .uin .vbs .wab. Seems to
me that a cardfile data file could be scanned for email addresses as well.

Rick